CR9-99-045 



PATENT 







BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES 



In re Application of: 

John R. Hind et al. 

Serial No.: 09/316,804 

Filed: May 21, 1999 



Title: METHOD AND APPARATUS 
FOR INITIALIZING MOBILE 
WIRELESS DEVICE 



Before the Examiner: 
Baum, Ronald 

Group Art Unit: 2131 



IBM Corporation 
P.O. Box 12195
Dept. T8 1/503 

Research Triangle Park, NC 27709 



APPEAL BRIEF 



Mail Stop Appeal Brief-Patents 
Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 



RECEIVED 

MAY 24 2004

Technology Center 2100 



I. REAL PARTY IN INTEREST



The real party in interest is International Business Machines Corporation, which is 
the assignee of the entire right, title and interest in the above-identified patent application. 



CERTIFICATION UNDER 37 C.F.R. § 1.8

I hereby certify that this correspondence is being deposited with the United States Postal Service with 
sufficient postage as first class mail in an envelope addressed to Mail Stop Appeal Brief-Patents, 
Commissioner for Patents, P.O. Box 1450, Alexandria, Virginia 22313-1450, on May 17, 2004. 

Signature

Serena Beller 

(Printed name of person certifying) 






II. RELATED APPEALS AND INTERFERENCES 

There are no other appeals or interferences known to Appellants, Appellants' 
legal representative or assignee which will directly affect or be directly affected by or 
have a bearing on the Board's decision in the pending appeal. 

III. STATUS OF CLAIMS 

Claims 2-4, 6, 8-10, 12, 14-16 and 18-22 are pending in the Application. 
Claims 4, 10 and 16 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. Claims 2-3, 6, 8-9, 12,
14-15 and 18-22 stand rejected.

IV. STATUS OF AMENDMENTS 

The Appellants' response to the Office Action having a mailing date of July 
30, 2003, has been considered, but the Examiner indicated that it did not place the 
application in condition for allowance because the Appellants' arguments were 
deemed unpersuasive. Appellants have submitted a supplemental 1.116 Reply, 
having a mailing date of May 5, 2004, amending objected claims 4, 10 and 16 to be 
written in independent form thereby adopting the Examiner's suggestion which 
requires only a cursory review by the Examiner. 

V. SUMMARY OF INVENTION 

The present invention allows the use of wireless devices containing a radio 
module to connect in a secure manner using digital certificates. Specification, page 
10, lines 5-6. The present invention does not require manual entry of user identifiers, 
passwords or cryptographic keys. Specification, page 10, lines 6-7. The present 
invention also allows for efficient administration of secure devices within an
enterprise without creating additional administrative overhead for initializing the
devices. Specification, page 10, lines 7-9.

In one embodiment of the present invention, a method for initializing a first 
device distributed with an embedded radio module using a server, the server having 
an embedded radio module, may comprise the step of sending an inquiry from the 
server to the first device using the embedded radio modules. Specification, page 15, 
lines 22-23. The method may further comprise returning, from the first device, a 
unique device identifier of the first device, to the server. Specification, page 15, lines 
23-25. The method may further comprise creating, at the server, a public key, private 
key pair for the first device. Specification, page 16, lines 4-6. The method may 
further comprise creating, at the server, a device certificate for the first device, the 
device certificate having a unique hardware identifier associated with the first device 
and a public key associated with the first device. Specification, page 16, lines 6-8. 
The method may further comprise transmitting the private key, and the device 
certificate, and a public key of a certificate authority which signed the device 
certificate, to the first device. Specification, page 16, lines 8-17. The method may 
further comprise storing the private key in non-removable protected storage at the 
first device where the protected storage is write-only storage able to perform 
computations involving previously-written data. Specification, page 14, lines 14-16.
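
Added illustration (not part of the brief, the specification, or any product): the server-generated-key embodiment summarized above, written against the Python `cryptography` package. The names `ProtectedStore`, `Device`, `initialize` and `subject_hardware_id`, the choice of ECDSA P-256, and carrying the hardware identifier in the certificate subject's serial-number attribute are all assumptions made for the example.

```python
"""Added illustration of the server-generated-key embodiment summarized above.
All class and function names are hypothetical, not taken from the application."""
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID


class ProtectedStore:
    """Models write-only storage: a key can be written once and used for
    computation (signing), but no method ever returns it."""

    def __init__(self):
        self.__key = None  # name-mangled; real hardware enforces this, Python cannot

    def write(self, pkcs8_der: bytes) -> None:
        if self.__key is not None:
            raise PermissionError("key slot already provisioned")
        self.__key = serialization.load_der_private_key(pkcs8_der, password=None)

    def sign(self, data: bytes) -> bytes:
        if self.__key is None:
            raise RuntimeError("device not initialized")
        return self.__key.sign(data, ec.ECDSA(hashes.SHA256()))


def subject_hardware_id(cert: x509.Certificate) -> str:
    return cert.subject.get_attributes_for_oid(NameOID.SERIAL_NUMBER)[0].value


class Device:
    def __init__(self, hardware_id: str):
        self.hardware_id = hardware_id
        self.store = ProtectedStore()
        self.certificate = None
        self.ca_public_key = None

    def answer_inquiry(self) -> str:
        return self.hardware_id  # return the unique device identifier

    def accept(self, key_der: bytes, cert_der: bytes, ca_pub_der: bytes) -> None:
        cert = x509.load_der_x509_certificate(cert_der)
        ca_pub = serialization.load_der_public_key(ca_pub_der)
        # Check the CA signature and the identifier binding before storing anything.
        ca_pub.verify(cert.signature, cert.tbs_certificate_bytes,
                      ec.ECDSA(cert.signature_hash_algorithm))
        if subject_hardware_id(cert) != self.hardware_id:
            raise ValueError("certificate names a different device")
        self.store.write(key_der)
        self.certificate, self.ca_public_key = cert, ca_pub


def initialize(device: Device, ca_key, ca_name: x509.Name) -> x509.Certificate:
    """Server side: inquiry, key pair and certificate creation, transmission."""
    hardware_id = device.answer_inquiry()                 # inquiry and reply
    device_key = ec.generate_private_key(ec.SECP256R1())  # key pair made at server
    now = datetime.datetime.now(datetime.timezone.utc)
    subject = x509.Name([x509.NameAttribute(NameOID.SERIAL_NUMBER, hardware_id)])
    cert = (x509.CertificateBuilder()                     # binds identifier to key
            .subject_name(subject)
            .issuer_name(ca_name)
            .public_key(device_key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(now)
            .not_valid_after(now + datetime.timedelta(days=365))
            .sign(ca_key, hashes.SHA256()))
    der = serialization.Encoding.DER
    device.accept(                                        # transmit key, cert, CA key
        device_key.private_bytes(der, serialization.PrivateFormat.PKCS8,
                                 serialization.NoEncryption()),
        cert.public_bytes(der),
        ca_key.public_key().public_bytes(
            der, serialization.PublicFormat.SubjectPublicKeyInfo))
    return cert  # the server retains the certificate, not the private key
```

In this embodiment the private key crosses the link between server and device, so the example assumes that transfer is otherwise protected; the device-generated variant recited in claim 6 sends only the public key.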

VI. ISSUES 

Are claims 2-3, 6, 8-9, 12, 14-15 and 18-22 properly rejected under 35 U.S.C. 
§ 102(b) as being anticipated by Debry (U.S. Patent No. 6,314,521)? 

VII. GROUPING OF CLAIMS 

Claims 2, 8, 12, 14 and 18-22 form a first group. 
Claims 3, 9 and 15 form a second group.
Claim 6 should not be grouped together and should be considered separately.

The reasons for these groupings are set forth in Appellants' arguments in 
Section VIII. 

VIII. ARGUMENT

For a claim to be anticipated under 35 U.S.C. § 102, each and every claim
limitation must be found within the cited prior art reference and arranged as required
by the claim. M.P.E.P. § 2131.

Appellants respectfully assert that Debry does not disclose "storing said
private key in non-removable protected storage at said first device" as recited in
claim 2 and similarly in claims 6, 8, 12, 14 and 18. The Examiner cites column 6,
lines 28-32 and 66-67 of Debry as disclosing the above-cited claim limitation. Paper
No. 7, page 3. Appellants respectfully traverse and assert that Debry instead discloses
that the printer decrypts the digital certificate using the certificate authority's public
key and stores the digital certificate in a nonvolatile memory in the printing system.
A nonvolatile memory does not correspond to a non-removable protected storage.
Further, Debry does not disclose storing a private key in a non-removable protected
storage. Thus, Debry does not disclose all of the limitations of claims 2, 6, 8, 12, 14
and 18, and thus Debry does not anticipate claims 2, 6, 8, 12, 14 and 18.
M.P.E.P. § 2131.

Appellants further assert that Debry does not disclose "wherein said protective
storage is write-only storage able to perform computations involving
previously-written data" as recited in claim 2 and similarly in claims 6, 8, 12, 14 and 18. The
Examiner cites column 6, lines 66-67 of Debry as disclosing the above-cited claim
limitation. Paper No. 7, page 6. However, this language discloses the printer storing
the digital certificate in a nonvolatile memory. A nonvolatile memory refers to
memory specifically designed to hold information even when the power is switched
off. This is not the same as being able to perform computations involving
previously-written data. Thus, Debry does not disclose all the limitations of claims 2, 6, 8, 12,
14 and 18, and thus Debry does not anticipate claims 2, 6, 8, 12, 14 and 18.
M.P.E.P. § 2131.

Appellants further assert that Debry does not disclose "creating, at said first 
device, a public key, private key pair for said first device" as recited in claim 6. The 
Examiner cites column 6, lines 19-27 and 40-41 and column 8, lines 17-25 of Debry 
as disclosing the above-cited claim limitation. Paper No. 7, page 5. However, this 
language discloses that when a printer is manufactured, a unique data encryption key 
is built into the printer. Debry only discloses a unique data encryption key but does 
not disclose a public key, private key pair. Thus, Debry does not disclose all of the 
limitations of claim 6, and thus Debry does not anticipate claim 6. M.P.E.P. § 2131. 

Appellants further assert that Debry does not disclose "returning, from said 
first device, a unique device identifier and said public key of said first device, to said 
server" as recited in claim 6. The Examiner cites column 6, lines 36-43 of Debry as 
disclosing the above-cited claim limitation. Paper No. 7, page 5. However, this 
language discloses that the printer sends a message containing the printer model and 
serial number, the printer's network address and a request for a digital certificate. 
This message does not contain a public key of the first device. Thus, Debry does not 
disclose all the limitations of claim 6, and thus Debry does not anticipate claim 6. 
M.P.E.P. §2131. 

Appellants further assert that Debry does not disclose "creating, at said server,
a device certificate for said first device, said device certificate having said device
identifier and said public key" as recited in claim 6. The Examiner cites column 6,
lines 12-18 and column 9, lines 15-23 of Debry as disclosing the above-cited claim
limitation. Paper No. 7, page 5. This language in Debry discloses the certificate
authority generating a unique public/private encryption key pair for the printer and
building a digital certificate having fields that include a distinguished name of the
printer, the issuer's distinguished name, the public key, the issuer's digital signature,
the validity period and a serial number. While the digital certificate includes a serial
number that presumably was sent from the printer, the digital certificate does not
include a public key that was sent from the printer as the printer never transmitted a
public key to the certificate authority. Thus, Debry does not disclose all of the
limitations of claim 6, and thus Debry does not anticipate claim 6. M.P.E.P. § 2131.

Appellants further assert that Debry does not disclose "wherein a copy of said 
certificate is stored in an enterprise database" as recited in claim 3 and similarly in 
claims 9 and 15. The Examiner recites column 6, lines 24-26 and 61-64 of Debry as 
disclosing the above-cited claim limitation. Paper No. 7, page 7. However, this 
language discloses a database at the certificate authority server that stores a new 
public key that was sent from the certificate authority to the printer. This language 
does not disclose storing a copy of a device certificate in an enterprise database. 
Thus, Debry does not disclose all of the limitations of claims 3, 9 and 15, and thus
Debry does not anticipate claims 3, 9 and 15. M.P.E.P. § 2131.

As a result of the foregoing, Appellants respectfully assert that not each and
every claim limitation was found within the cited prior art reference and thus claims
2-3, 6, 8-9, 12, 14-15 and 18-22 are not anticipated by Debry.

IX. CONCLUSION



For the reasons noted above, the rejections of claims 2-3, 6, 8-9, 12, 14-15 and 
18-22 are in error. Appellants respectfully request reversal of the rejections and 
allowance of claims 2-4, 6, 8-10, 12, 14-16 and 18-22. 

Respectfully submitted, 
WINSTEAD SECHREST & MINICK P.C.
Attorneys for Appellants,




Robert A. Voigt, Jr. 
Reg. No. 47,159 
Kelly K. Kordzik 
Reg. No. 36,571 



P.O. Box 50784 
Dallas, Texas 75201 
(512) 370-2832

APPENDIX



2. A method for initializing a first device distributed with an embedded radio
module using a server, said server having an embedded radio module, said method
comprising the steps of:
    sending an inquiry from said server to said first device using said embedded
radio modules;
    returning, from said first device, a unique device identifier of said first device,
to said server;
    creating, at said server, a public key, private key pair for said first device;
    creating, at said server, a device certificate for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;
    transmitting said private key, and said device certificate, and a public key of a
Certificate Authority which signed said device certificate, to said first device; and
    storing said private key in non-removable protected storage at said first
device;
    wherein said protected storage is write-only storage able to perform
computations involving previously-written data.

3. A method as claimed in claim 2 wherein a copy of said certificate is stored in
an enterprise database.

4. A method as claimed in claim 2 wherein a copy of said certificate is stored in
an LDAP directory.

6. A method for initializing a first device distributed with an embedded radio
module using a server, said server having an embedded radio module, said method
comprising the steps of:
    sending an inquiry from said server to said first device using said embedded
radio modules;
    creating, at said first device, a public key, private key pair for said first device;
    storing, at said first device, said private key in non-removable protected
storage;
    returning, from said first device, a unique device identifier and said public key
of said first device, to said server;
    creating, at said server, a device certificate for said first device, said device
certificate having said device identifier and said public key; and
    transmitting said device certificate and a public key of a Certificate Authority
which signed said device certificate to said first device;
    wherein said protected storage is a write-only storage able to perform
computations involving previously-written data.

8. A system for initializing a first device distributed with an embedded radio
module using a server, said server having an embedded radio module, said system
comprising:
    a communications mechanism for sending an inquiry from said server to said
first device using said embedded radio modules, and returning, from said first device,
a unique device identifier of said first device, to said server;
    a processor at said server for creating a public key, private key pair for said
first device; and
    a device certificate, created at said server, for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;
    wherein said communications mechanism transmits said private key, and said
device certificate, and a public key of a Certificate Authority which signed said
device certificate, to said first device; and, said processor stores said private key in
non-removable protected storage at said first device;
    wherein said protected storage is write-only storage able to perform
computations involving previously-written data.

9. A system as claimed in claim 8 wherein a copy of said certificate is stored in
an enterprise database.

10. A system as claimed in claim 8 wherein a copy of said certificate is stored in
an LDAP directory.

12. An initialization system, said system comprising:
    a first device, said first device having an embedded radio module;
    a server, said server having an embedded radio module;
    a communications mechanism, said communications mechanism sending an
inquiry from said server to said first device using said embedded radio modules;
    wherein said first device creates a public key, private key pair for said first
device, stores said private key in non-removable protected storage, and returns a
unique device identifier and said public key of said first device, to said server;
    said server creates a device certificate for said first device, said device
certificate having said device identifier and said public key; and transmits said device
certificate and a public key of a Certificate Authority which signed said device
certificate to said first device;
    wherein said protected storage is a write-only storage able to perform
computations involving previously-written data.

14. A computer program product embodied in a machine readable medium for
initializing a first device distributed with an embedded radio module using a server,
said server having an embedded radio module, wherein said computer program
product comprises the programming steps of:
    sending an inquiry from said server to said first device using said embedded
radio modules;
    returning, from said first device, a unique device identifier of said first device,
to said server;
    creating, at said server, a public key, private key pair for said first device;
    creating, at said server, a device certificate for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;
    transmitting said private key, and said device certificate, and a public key of a
Certificate Authority which signed said device certificate, to said first device; and
    storing said private key in non-removable protected storage at said first
device;
    wherein said protected storage is write-only storage able to perform
computations involving previously-written data.

15. The computer program product as claimed in claim 14 wherein a copy of said
certificate is stored in an enterprise database.

16. The computer program product as claimed in claim 14 wherein a copy of said
certificate is stored in an LDAP directory.

18. A computer program product embodied in a machine readable medium for
initializing a first device distributed with an embedded radio module using a server,
said server having an embedded radio module, wherein said computer program
product comprises the programming steps of:
    sending an inquiry from said server to said first device using said embedded
radio modules;
    creating, at said first device, a public key, private key pair for said first device;
    storing, at said first device, said private key in non-removable protected
storage;
    returning, from said first device, a unique device identifier and said public key
of said first device, to said server;
    creating, at said server, a device certificate for said first device, said device
certificate having said device identifier and said public key; and
    transmitting said device certificate and a public key of a Certificate Authority
which signed said device certificate to said first device;
    wherein said protected storage is a write-only storage able to perform
computations involving previously-written data.

19. The method as recited in claim 2, wherein communication between said first 
device and said server is performed in a wireless manner. 

20. The system as recited in claim 8, wherein communication between said first 
device and said server is performed in a wireless manner. 

21. The computer program product as recited in claim 14, wherein 
communication between said first device and said server is performed in a wireless 
manner. 

22. The computer program product as recited in claim 18, wherein 
communication between said first device and said server is performed in a wireless 
manner. 

AUSTIN_1\249691\1
7036-P251US

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE

In re application of: John R. Hind et al. 

Serial No.: 09/316,804 Art Unit: 2131 

Filed: May 21, 1999 Examiner: Ronald Baum

For: METHOD AND APPARATUS FOR INITIALIZING MOBILE WIRELESS DEVICE 

Mail Stop Appeal Brief-Patents 
Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

TRANSMITTAL OF APPEAL BRIEF 
(PATENT APPLICATION - 37 CFR 1.192) 



RECEIVED 

MAY 24 2004

Technology Center 2100 



1. Transmitted herewith in triplicate is the APPEAL BRIEF in this application with respect to the Notice of 
Appeal filed on March 26, 2004. 

NOTE: "The appellant shall, within 2 months from the date of the notice of appeal under § 1.191 in an application, reissue application, or
patent under reexamination, or within the time allowed for response to the action appealed from, if such time is later, file a brief in
triplicate." 37 CFR 1.192(a) (emphasis added).



2. STATUS OF APPLICANT 

This application is on behalf of 
☒ other than a small entity
□ small entity 

verified statement: 

□ attached 

□ already filed 



3. FEE FOR FILING APPEAL BRIEF 

Pursuant to 37 CFR 1.17(f) the fee for filing the Appeal Brief is: 
□ small entity $165.00 
☒ other than a small entity $330.00

Appeal Brief fee due $330.00 



CERTIFICATE OF MAILING (37 CFR § 1.8)

I hereby certify that this paper (along with any paper referred to as being attached or enclosed) is being deposited with 
the United States Postal Service on the date shown below with sufficient postage as first class mail in an envelope 
addressed to Mail Stop Appeal Brief-Patents, Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450. 

Serena Beller 



Date:

(Type or print name of person mailing paper)



(Signature of person mailing paper)

4. EXTENSION OF TERM

NOTE: The time periods set forth in 37 CFR 1.192(a) are subject to the provision of § 1.136 for patent applications. 37 CFR 1.191(d). Also
see Notice of November 5, 1985 (1060 O.G. 27).

The proceedings herein are for a patent application and the provisions of 37 CFR 1.136 apply. 

(complete (a) or (b) as applicable) 

(a) □ Applicants petition for an extension of time under 37 CFR 1.136 (fees: 37 CFR 1.17(a)-(d)) for the total
number of months checked below: 



Extension          Fee for other than    Fee for
(months)           small entity          small entity
□ one month        $ 110.00              $ 55.00
□ two months       $ 420.00              $ 210.00
□ three months     $ 950.00              $ 475.00
□ four months      $ 1,480.00            $ 740.00

Fee





If an additional extension of time is required, please consider this a petition therefor. 

(check and complete the next item, if applicable) 

An extension for _____ months has already been secured and the fee paid therefor of $ 

is deducted from the total fee due for the total months of extension now requested. 

Extension fee due with this request $ 

or 

Applicants believe that no extension of term is required. However, this conditional petition is being made 
to provide for the possibility that applicants have inadvertently overlooked the need for a petition and fee 
for extension of time. 

5. TOTAL FEE DUE 

The total fee due is: 

Appeal Brief fee $330.00 
Extension fee (if any) $0 

TOTAL FEE DUE $330.00 

6. FEE PAYMENT 

□ Attached is a check in the sum of $ 

☒ Charge Account No. 09-0461 (CR9-99-045) the sum of $330.00.

A duplicate of this transmittal is attached.

7. FEE DEFICIENCY

NOTE: If there is a fee deficiency and there is no authorization to charge an account, additional fees are necessary to cover the additional 
time consumed in making up the original deficiency. If the maximum, six-month period has expired before the deficiency is noted and 
corrected, the application is held abandoned. In those instances where authorization to charge is included, processing delays are 
encountered in returning the papers to the PTO Finance Branch in order to apply these charges prior to action on the cases. 
Authorization to charge the deposit account for any fee deficiency should be checked. See the Notice of April 7, 1986, 1065 O.G. 
31-33. 

☒ If any additional extension and/or fee is required, this is a request therefor and to charge Account No. 09-0461
(CR9-99-045).

AND/OR 



Reg. 




Tel. No.: (512) 370-2832 Robert A. Voigt Jr. 

WINSTEAD SECHREST & MINICK P.C.
P.O. Box 50784 
Dallas, Texas 75201 



AUSTIN_1\250521\1
7036-P251US 






